From 2f76bb5e40f6f41a5bb2928379499b74da93f653 Mon Sep 17 00:00:00 2001 From: Stanislas Lange Date: Sun, 22 Jan 2023 00:06:51 +0100 Subject: [PATCH] Update easy-rsa to 3.1.2 and fix compatibility with Ubuntu 22.04 Based on this patch by @zerodivisi0n: https://github.com/angristan/openvpn-install/issues/1000#issuecomment-1283484772 --- .github/workflows/test.yml | 1 + openvpn-install.sh | 12 +++++------- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b9b7747..4270574 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,6 +15,7 @@ jobs: - debian-11-x64 - ubuntu-18-04-x64 - ubuntu-20-04-x64 + - ubuntu-22-04-x64 - fedora-35-x64 - centos-7-x64 - centos-stream-8-x64 diff --git a/openvpn-install.sh b/openvpn-install.sh index 7c6f741..6bb39c5 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -706,7 +706,7 @@ function installOpenVPN() { # Install the latest version of easy-rsa from source, if not already installed. if [[ ! -d /etc/openvpn/easy-rsa/ ]]; then - local version="3.0.7" + local version="3.1.2" wget -O ~/easy-rsa.tgz https://github.com/OpenVPN/easy-rsa/releases/download/v${version}/EasyRSA-${version}.tgz mkdir -p /etc/openvpn/easy-rsa tar xzf ~/easy-rsa.tgz --strip-components=1 --no-same-owner --directory /etc/openvpn/easy-rsa @@ -729,18 +729,16 @@ function installOpenVPN() { SERVER_NAME="server_$(head /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)" echo "$SERVER_NAME" >SERVER_NAME_GENERATED - echo "set_var EASYRSA_REQ_CN $SERVER_CN" >>vars - # Create the PKI, set up the CA, the DH params and the server certificate ./easyrsa init-pki - ./easyrsa --batch build-ca nopass + ./easyrsa --batch --req-cn="$SERVER_CN" build-ca nopass if [[ $DH_TYPE == "2" ]]; then # ECDH keys are generated on-the-fly so we don't need to generate them beforehand openssl dhparam -out dh.pem $DH_KEY_SIZE fi - ./easyrsa build-server-full "$SERVER_NAME" nopass + ./easyrsa --batch build-server-full "$SERVER_NAME" nopass EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl case $TLS_SIG in @@ -1087,11 +1085,11 @@ function newClient() { cd /etc/openvpn/easy-rsa/ || return case $PASS in 1) - ./easyrsa build-client-full "$CLIENT" nopass + ./easyrsa --batch build-client-full "$CLIENT" nopass ;; 2) echo "⚠️ You will be asked for the client password below ⚠️" - ./easyrsa build-client-full "$CLIENT" + ./easyrsa --batch build-client-full "$CLIENT" ;; esac echo "Client $CLIENT added."